Slashdot Mirror
Pretty Poor Privacy
EPIC has just released a harsh criticism of the Pretty Poor Privacy specification from W3C. Although automatic data transfer is not in the P3P spec itself any longer (taken out after polls showed people didn't like it), implementations of P3P will still include automatic data transfer mechanisms - the idea behind P3P is that viewers will be required to reveal their addresses and other personal information to every commercial site they access or be denied entrance, and that this data transfer will be effectively hidden from users so it will be "out of sight, out of mind". (For a more in-depth article about P3P and Internet privacy generally, see this paper, written in response to Lessig's support of P3P in his recent book.)
The problem with this is that there are both legitimate and illegitimate reasons to want that info. Sure it's great that you can automatically give people a bogus address and watch them waste their money junkmailing non-existent addresses. Unfortunately, the on-line retailers are going to be asking for the same information, so that book you just bought from Amazon.com is going to be sent to the same bogus address.
I suppose that there are practical solutions to this problem, but it still is a problem. You could, for instance, have two browsers and only fire up the one with genuine info when you actually wanted to buy something. Or, for that matter, a really smart browser could have the option of deliberately feeding bogus info to sites that you don't like the privacy policies of, rather than simply not letting you access them at all. Actually, that last one seems like a great idea for a free software project ...
There's no point in questioning authority if you aren't going to listen to the answers.
I mean, think about it. Instead of going through the trouble to research places you do business with online, to find out what their privacy practices and stances are, you can just go to the site and if it rejects you because you didn't automatically provide personal information that they have no right to, then you can just go elsewhere. They do all the 'footwork' for you in identifying themselves as businesses you may not wish to do business with!
---
seumas.com
This is like the WTO telling the U.S. its environmental laws have to go in the name of good trade.
'Scuse me? Seems like you've got that one bass-ackwards. Check out the ongoing debate between the US and the EU over genetically modified foods, or Coca-Cola's actions at the upcoming Olympic Games in Sydney.
Yo dawg, I heard you like the Ackermann function, so OH GOD OH GOD OH GOD
The actual report is at http://www.epic.org/reports/pret typoorprivacy.html.
Giving one site false info does not make you anonymous...you must maintain a no exceptions policy of disinformation at all times! :-)
It's not funny till someone gets hurt.
ever go to the supermarket and use your "shoppers club" card?
Every single instance of a club that saves you a nominal amount of money does so in order for them to better market their products to YOU. You save some money so you will spend much more later.
ever use a Credit Card? Yep, they track purchasesd, too.
Buy with a check and they use a check scanner? same thing.
Free email service? you have to provide your info.
Free Registration on any site? Yep, same thing... You are getting "valuable" content just for giving up your information. It may not be cash, but you are selling it anyway.
... hi bingo
The Mongrel Dogs Who Teach
Yes, I think quite a few people do know somthing about this, and you are very wrong.
This is not really a privacy tool, but an anti-privacy tool. Please read the article at EPIC. I did read the entire piece, and could not agree more.
For this to even nominally become a tool which enhances privacy rather than degrades it, a lot of trust is required.
*You have to trust each web site you visit to really acquire only the information you want to let out and further trust that you will be notified that your personal information is being transferred or logged when it happens. P3P makes it much easier for web sites to acquire all kinds of information without your knowledge and to transmit that information by installing helpers in web browsers and even operating systems to do that.
*You have to trust the browser to be honest about doing the same. Get real. AOL-Netscape and Microsoft already have numerous built-in trojans which are difficult for users to remove or even know about. Working in conjunction with Active X, VB Script, Java Script, cookies and trojan horses hidden in the Widows registry, the browser can completely expose your local computer to a web site. It already does in some cases. This is truly 1984 - a nightmare. If an individual did what these companies do, he would be sentenced to years of imprisonment and forbidden to ever use the internet again when released. This is computer crime on such a large scale as to make the actions of every script kiddie and cracker inconsequential. If the lie is big enough, and is repeated with conviction, many people will believe it. A well known technique.
*As stated in the article, users will be overwhelmed with having to make choices about privacy levels at each web site and will tend to set the global setting to the lowest possible privacy level for all sites to avoid irritating popups. And, even if they set their desired level of privacy to the higest possible level, there is no guarantee that the browser and the web site will respect that setting, or that web site will not be able to change these setting without the user's knowledge. As described above, helper applications imbedded into a browser or an OS, or run by an ISP without a user's knowledge, will greatly facilitate the ease of silent transfers.
*Microsoft and other application service providers will increasingly be able to alter, without the users knowledge, information which is on a remote computer if their software is used. For example, in "updating software" all your setting can be changed to the default (the lowest possible privacy setting of course). Rememember, you do not own the software which operates your computer if you use Windows, Mac and some other proprietary systems. You only have a license to use that software. Increasingly such licenses will be time-limited and subject to cancellation on mere suspicion of internet "piracy" and so forth or even for having another OS also installed on the same machine, which can be interpreted as a breach of the license contract (installing "non-standard" software which might interfere with proper functioning of licensed, proprietary products).
Finally, consider the source of support for this new "standard". Corporations like MS, AOL and Real have been prosecuted or sued time and time again for violations of privacy and will continue abusing their customers unless the penalties become prohibitive or unless customers boycott them.
Even if it is remotely possible for this P3P protocol and "standard" to enhance privacy, your post which implies that those of use who do have concerns are completely off base rings false. Such concerns are well justified by past "untrustworty" behavior by the major corporations behind this standard for abuse. And yes, I do trust the people at EPIC and Junkbusers a lot more than I trust Bill Gates and Steve Chase.
ZDNet story
It sure doesn't look that way!
Okay, with P3P, you are supposed to be able to:
1) Define different things about yourself, such as your age, sex, address, favourite colour, waist size, whatever.
2) Set rules for how each of those piece of information are shared, or even IF they're shared (though there's not much point in defining them if you're never gonna share 'em. So don't define them if you don't want to!)
3) Okay, so you've got your Internet app configured with the information and the rules on how and when and to whom you'll share.
Scenario:
You go to an online retailer (e-tailer, ugh.). This place sells clothes, woohoo! When you hit the site, your internet app does a check - it checks how you set up your P3P settings in that app - do you get notified of where your P3P rules clash, does it autonegotiate sending _some_ of your info based on what the site says it will do with it, or will it pop up a thing that lets you 'dicker' with the site about what you will and won't share? Okay, so if the site says it'll use the info it's requesting for non-personally identifiable marketing purposes (age, sex, favourite colour, nothing that can identify YOU), then hopefully you've set your P3P rules to allow that to happen automagically. The site then has all those nice customized features to match your age, sex, and favourite colour. Nice.
Okay, say what the site wanted wasn't allowed by your P3P rules. Okay, if the internet app has been coded nicely (that's an assumption), then it might pop up something saying, "Site X wants such and such information, but promises it won't be shared with anyone under any circumstances." It's then up to you to say yea or nay, HOPEFULLY to each individual item of information. HOPEFULLY you'll be able to say, check next to each item you're willing to allow. Then the internet app goes back to the site with the additional items you're willing to share. If the site says okie dokie, then you're fine. Or else some features of the site may be disabled. Or perhaps the price of the item is higher (lower price for people willing to share more info? A better way to 'pay' people for sharing information.). Or maybe you don't get access at all, but that brings us to the friggin' POINT of P3P:
You are _optionally_ *INFORMED* of each piece of information the site wants from you, and what they're going to do with it. You don't get that information at many sites now, and you certainly don't negotiate anything. Either you share it, or you don't. This will _NOT_ give out information you don't want given out. Anyone who thinks that knows nothing about P3P. This is about giving INFORMED CONTROL over your information. You don't have to give out anything you don't want to, or you can selectively give out INDIVIDUAL things (there's no "all or nothing" aspect here!!!), to sites, based on what they say they'll do with the info.
P3P _IS_ a good thing. It's GREAT for privacy. It's good for children and other living things. It also stays crunchy in milk, and has a good beat that I can dance to. I give it a 42, Dick.
The internet is as anonymous as you want to make it...because we still have the option of lying to those who ask us for information. Look at me. Did you think my real name was 'Remus Shepherd'? No -- it's a psuedonym, a lie.
99% of the websites I visit and do business with know me by an IP address and maybe the name Remus Shepherd. The other 1% are those that require real information and whom I've decided to give that information to. But most advertisers and databases out there know me as Remus, with no connection to my real name. They can't get a credit history on Remus Shepherd. Mailing address? None known. Bombard Remus Shepherd with 'targetted' ads all you like -- they're easy for my mailfilter to trash, while the few trusted sites that know my real name are allowed through.
The net may evolve into a communication medium where people have screen names and True Names (thanks again, Vernor Vinge). I think it's a simple and effective response to commercial invasion of privacy.
Genocide Man -- Life is funny. Death is funnier. Mass murder can be hilarious.
The main function of this "privacy protocol" is to streamline the gathering of personal information, and to make it as "painless" as possible for the user.
Our privacy is supposed to be "enhanced" by a protocol which standardizes all these aspects of personal information, and facilitates their transfer, possibly without the user initiating even noticing the transfer, to any web site that happens to implement the protocol. The name for this protocol sounds like it comes straight out of 1984.
Yo dawg, I heard you like the Ackermann function, so OH GOD OH GOD OH GOD
My company used to require information from users before they could download our free app. We dropped this requirement for two reasons, first, the users hated it, and second, the information we collected was crap. I looked at the database once and found what I expected, hundreds of William Jefferson Clinton, thousands of Bill Gates and quite a few Saddam Husseins, Jesus Christs and Vladimir Lenins.
The point being, if you try to compel people to give you information, that information becomes useless. The more you attempt to compel them, the more useless it gets. Sort of like a Hiesenberg's principle for info.
Some of these folks who want to set up huge databases from user info will find that the extra money generated won't pay for the boxes and bandwidth the infrastructure will require.
viewers will be required to reveal their addresses and other personal information to every commercial site they access or be denied entrance
Next I'll have to have my IPV6 address tatooed on my forehead to do business in the brick and mortar world.
134340: I am not a number. I am a free planet!
The World Wide Web Consortium is abbreviated W3C, and this makes sense. P3P would make sense if there were another P, but there isn't.
IANAL, but is this grounds for a lawsuit by whoever owns PGP trademark?
--
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;